PlayStation Network Breach Sparks Class Action Lawsuit

Sony Corp. now faces legal action following a breach of its online PlayStation gaming network that compromised millions of its users’ personal data, said the Wall Street Journal.

One such lawsuit was filed in the U.S. District Court’s Northern District of California and seeks class-action status. Kristopher Johns, a videogame player, described Sonyâ€™s PlayStation network security as â€œnegligently poor,â€ said the Journal and pointed out that Sony did not encrypt personal data and Sony neglected to advise its customers of the breach when it occurred. “This has caused, and continues to cause, millions of consumers fear, apprehension, and damage,” the filing said, quoted the Journal.

Following news of the first lawsuit, PC World noted that many more such actions are expected and the potential magnitude of the problem will keep the trouble alive for some time. For instance, another lawsuit was filed in federal court in Los Angeles, said the Journal. That lawsuit alleges Sonyâ€™s negligence over how it enabled its userâ€™s personal data to be stolen.

At issue is the sheer seriousness of the breach, said PC World, as well as the breach itself. â€œI think the other issue at play here is going to be one or more lawsuits in which gross negligence will be proven if Sony doesnâ€™t settle out of courtâ€ said Randy Abrams, Director of Technical Education at security company ESET, quoted PC World.

Sony ultimately admitted that a hacker accessed the servers that maintained the private information of its PlayStation Network customers. Sony learned of the breach between April 17 and April 19, said the Journal. Service was stopped after the breach occurred; however, it took until April 26 for Sony to alert its customers. Although its credit card databases were encrypted, credit card information might have been stolen by the hacker.

There is concern that the hacking could turn viral if the hacker determines passwords for other services, such as for banks, emails, and other sites, which would enable hacking of those sites, as well, noted the Journal.

Sony says it continues to work with law enforcement and the Federal Bureau of Investigation (FBI) said it is speaking with Sony, but would not say if a probe has been initiated, said the Journal.

Other regulatory issues have been prompted by the security breach and appear to be overshadowing the growing issue of lost consumer trust. For instance, Members of Congress have taken notice, said PC World. Mary Bono Mack of California, chair of the House Subcommittee for Commerce, Manufacturing and Trade, just opened an investigation into the breach.

Representative Bobby Rush of Illinois and Senator Tom Carper of Delaware have since begun urging for more intense cyber-security legislation. Senator Richard Blumenthal of Connecticut wrote to Sony CEO Howard Stringer, saying, â€œI am concerned that PlayStation Network usersâ€™ personal and financial information may have been inappropriately accessed by a third party. Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach,â€ quoted PC World.

Globally, regulators have opened investigations into the breach, including Britainâ€™s Information Commissionerâ€™s office and Canadaâ€™s Privacy Commissioner, said PC World.